We believe that BoardPacks is an increasingly essential technology for any organisation that has board meetings – providing transparency into board meetings and saving money on printing board packs.
It plays a major role in supporting the information sharing, decision making and risk management associated with good governance, in a way that paper-based board packs cannot hope to achieve. But it is also a platform that comes with the very highest levels of security, protecting and keeping safe confidential boardroom data.
The importance of security
One of the primary concerns when considering new technology for a board is security. Cybercrime is a growing concern as criminals exploit the speed and anonymity of the internet to commit crimes against organisations large and small. Often, hackers can access company systems without the organisation even realising its security has been compromised.
As well as the murky threat of hackers, the other security threat for all organisations is the unwitting user. This threat comes in two forms: basic human error, where a board member leaves a device somewhere they shouldn’t, or doesn’t follow the correct security protocol; and board members that Bring Their Own Device (BYOD), devices that have may have been used by other members of the family and connected to social networks, the internet of things and more, so there is inherently more risk of a data breach.
BoardPacks and security
While we can’t stop a board member leaving their smartphone in a hotel, BoardPacks comes with security measures that can minimise the risk if that does happen. If the device is lost or stolen, access can be denied remotely or the data can be wiped remotely.
Our security also includes two-factor authentication, the most secure form of login, and measures to keep work data separate from personal data. It isn’t enough to secure the device, the apps used need to have their own security layer. This is why it is so important to use a board portal with the appropriate ISO 27001 certification. BoardPacks’ ISO 27001 certification covers:
• Separation of duty
• Separation of networks
• Separation of domains (i.e. we have a live domain and two testing ones)
• Controls for malicious software
• Controls for espionage e.g. vetting of employees and fine grain password policies
• Encryption of client data (when moving and at rest) & work stations
• Regular penetration testing (BoardPacks is regularly penetration tested by a third party)
The information and data shared and discussed during a board meeting is arguably the most private a business will have. It can involve complex and confidential financial matters and even the future strategy of that organisation, information that should it fall into the wrong hands, would be highly damaging.
We understand the absolute importance of keeping this safe and secure, and BoardPacks has the right balance of security with ease of use, so users don’t try to find a workaround that also bypasses security.